The novnc-server will translate WebSockets traffic to normal socket traffic, therefore you don't have to expose the host IP to the final user, she will interact with the proxy.
Cheers On 10 February 2015 at 11:33, Nico Schottelius < nico-opennebula....@schottelius.org> wrote: > Hey, > > I think I haven't (at least I didn't enable it explicitly). > > If the novnc-server is enabled, how do I configure the templates? > Because at the moment, vnc listens to 0.0.0.0 and is accessible if > someone knows the IP and port. > > Cheers, > > Nico > > Daniel Molina [Tue, Feb 10, 2015 at 10:54:36AM +0100]: > > Hi, > > > > Are you using the novnc-server included in OpenNebula? This component > uses > > a websocket proxy, so that you don't have to expose the VNC socket to > your > > users, and it will take care of the different tcp sockets. > > > > Cheers > > > > On 6 February 2015 at 12:50, Nico Schottelius < > > nico-opennebula....@schottelius.org> wrote: > > > > > Good day, > > > > > > we are about to setup our fourth hosting plattform in the next weeks, > > > based on opennebula 4.10.2, ubuntu 14.0 and gluster 3.x (x ~= 4..6). > > > > > > In our tests the VNC socket of the VMs has been exposed on the hosts > > > directly accessible on 0.0.0.0 -> for everyone. Given that sunstone > > > will be usable by our customers and VMs will be running on hosts other > > > than the one running sunstone, what is the default & secure alternative > > > in opennebula? > > > > > > Do you support vnc / ssh tunneling like described on [0]? > > > > > > This process is pretty neat, because you don't need to expose VNC at > all > > > and not care about numbering of tcp sockets. > > > > > > I guess a combination of ssh unix socket tunneling plus spice on the > > > frontend is probably the safest solution - what are your opinions? > > > > > > How do you configure VNC access at the moment? > > > > > > [0] > > > > http://www.nico.schottelius.org/blog/tunneling-qemu-kvm-unix-socket-via-ssh/ > > > > > > -- > > > New PGP key: 659B 0D91 E86E 7E24 FD15 69D0 C729 21A1 293F 2D24 > > > _______________________________________________ > > > Users mailing list > > > Users@lists.opennebula.org > > > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org > > > > > > > > > > > -- > > -- > > Daniel Molina > > Project Engineer > > OpenNebula - Flexible Enterprise Cloud Made Simple > > www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula > > -- > New PGP key: 659B 0D91 E86E 7E24 FD15 69D0 C729 21A1 293F 2D24 > -- -- Daniel Molina Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
_______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
